package com.lkl.hystrixdemo.order.filter;

import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

public class XssHttpServletWrapper extends HttpServletRequestWrapper {

    private HttpServletRequest request;

    public XssHttpServletWrapper (HttpServletRequest request) {
        super(request);
        this.request = request;
    }

    @Override
    public String getParameter(String name) {
        String oldValue = super.getParameter(name);

        if (StringUtils.isNotEmpty(oldValue)) {
            oldValue = StringEscapeUtils.escapeCsv(oldValue);
        }
        return oldValue;
    }
}
